Security Vulnerabilities - CVEs Published In March 2018
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
CVSS Score: 7.3 | EPSS Score: 0.002 | Published: 2018-03-20
Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2018-03-20
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2018-03-20
In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2018-03-20
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2018-03-20
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2018-03-20
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2018-03-20
Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108356.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2018-03-20
XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2018-03-20
enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group name. The XSS attack launches when a victim visits the admin user group page.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2018-03-20

